Administrator Guide

Access Control Lists 641

Figure 20-3 lists commonly-used IP protocol numbers:

Using IP and MAC Address Masks

Masks are used with IP and MAC addresses to specify what should be

considered in the address for a match. Masks are expanded internally into a

bit mask and are applied bit-wise in the hardware even though they are

entered in decimal or hexadecimal format. Masks need not have contiguous 0

or 1 bits. A 0 bit value in the mask indicates that the address field in the

packet being compared must match the address bit exactly. A 1 value in the

mask indicates a wildcard or don't care value, i.e. the access bits are not

compared and match any possible value. For example, an IP address of 3.3.3.3

with a mask of 0.0.0.0 indicates that the ACL matches on all four bytes of the

0x8808 MAC Control

0x8809 Slow Protocols (IEEE 802.3)

0x8870 Jumbo frames

0x888E EAP over LAN (EAPOL – 802.1x)

0x88CC Link Layer Discovery Protocol

0x8906 Fibre Channel over Ethernet

0x9100 Q in Q

Table 20-3. Common IP Protocol Numbers

IP Protocol Number Protocol

0x00 IPv6 Hop-by-hop option

0x01 ICMP

0x02 IGMP

0x06 TCP

0x08 EGP

0x09 IGP

0x11 UDP

Table 20-2. Common EtherType Numbers (Continued)

EtherType Protocol